IT GOVERNANCE DESIGN IMPLEMENTATION SCENARIO AS KEY SUCCESS OF GOOD CORPORATE GOVERNANCE AND IT COMPLIANCE ASSURANCE (Case study: PT Telekomunikasi Indonesia, Tbk.)
The implementation of IT Governance which is a part of 5 pillars Good Corporate Governance will align the IT and the business strategy goals. On the other side the <br /> <br /> <br /> <br /> <br /> compliance requirement is necessary by a public company which...
Saved in:
| Main Author: | |
|---|---|
| Format: | Theses |
| Language: | Indonesia |
| Online Access: | https://digilib.itb.ac.id/gdl/view/18338 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Institut Teknologi Bandung |
| Language: | Indonesia |
| Summary: | The implementation of IT Governance which is a part of 5 pillars Good Corporate Governance will align the IT and the business strategy goals. On the other side the <br />
<br />
<br />
<br />
<br />
compliance requirement is necessary by a public company which listed in the stock exchange, both in national stock market and international stock market. IT Governance implementation will enable the processes, structures, and mechanisms of IT system to be trusted by the stakeholders in developing the Financial Reporting.The problems in managing IT raised from an inefective IT policies design, an inefficient business process, segregation-of-duties (SoD) principle violation of the role mapping of the business process, un-authorized user access, and exessive user access. These will be the IT Governance implementation challenge, especially for Indonesian companies which has a cultural gap with the country origin where the best practice has been developed: Sarbanes-Oxley Act (SOX), COBIT, COSO, the ISO/IEC 27000-series, and the ITIL; it was also considered as the challenging factor of the IT Governance Implementation. Otherwise the company with well implemented IT Governance will still face the problems in maintenance and managing of IT compliance. Problems identified during this final project research on the case study taken, were: audit method implementation, organization and accountability issues in implementating the internal control, awareness of employee on internal control implementation, and internal business process company issues.The research was carried out based on the case study of the IT Governance implementation in the PT Telekomunikasi Indonesia, Tbk., especially during the period of 2006 – 2008. Through the ITGC Readiness and IT Compliance Assurance program, the principles of the IT Governance began to be communicated effectively to develop people Awareness towards the IT policies design, the role mapping and accountability in the SOX business process, as well as the documentation and periodic review during implementing the internal control. Currently the ITGC Audit in TELKOM had a better significant progress result since continues implementation of IT Compliance Assurance program which undertaken from 2006 todate. The implementation of IT Governance had been proven when in 2006 TELKOM IT audit resulted on some weaknesses on design and control access, then since 2007 the company IT audit resulted was free from any Material Weakness. Since 2008 and beyond it creates a better audit result trough ITGC Readiness and IT Compliance Assurance programs,with the company goal setting to be free from any significant deficiencies. The key success has been applied by keep aligning the accountability, the authorization access, and managing the company business process effectiveness. <br />
<br />
<br />
<br />
<br />
Better implementation of IT Governance scenario will realize a Good Corporate Governance and the success of IT audit compliance, and it would be achieved trough strong commitment to ITGC Readiness and IT Compliance Assurance programs. Beside of the refinement on design process of governance and policies it should be also arranged on preparing the strategic scenario with aim to identify enterprise business risks. These risks then will be assured by the auditor through the Risk Control Matrix. The SOX based business process should be defined and stated clearly to minimize the dispute between the IT custodian and IT control or process owner. Building the IT Governance awareness as a corporate culture would become a key for success of the IT Governance implementation as part of Good Corporate Governance realization. |
|---|